Fortify Software
Home 
Products
Software Security Assurance (SSA)
Outsourced
Outsourced
Ensure the benefits of outsourcing software development
Using third party outsourced providers enables organizations to produce substantially more applications to run their businesses. However, like third party software providers, ensuring security of outsourced code can be challenging. Without visibility and control of outsourcer's development processes, organizations have little ability to ensure that delivered code meets their security standards.
Like commercial software purchased through Independent Software Vendors, assuring the security of projects that have been outsourced to 3rd party "outsourcers" presents unique challenges for the security team. Lack of visibility into the outsourcer's processes means vulnerabilities might be coming into the organization through these partners.
Learn more about Fortify's Vendor Security Management On Demand Service
Fortify's "Powered by Fortify" program provides leading outsourcers with the means to deliver Fortify SSA capabilities as part of an outsourced project. Wipro, a Powered by Fortify partner, has developed the Wipro Security Assurance Center.
Contact me about products from Fortify Software
"We strongly believe that Fortify's holistic approach to application security - implementing security during all stages of development, rather than after the fact - proactively helps eliminate business risk and truly safeguards our enterprise against today's ever-changing security threats."
Craig Shumard, CISO, CIGNA
"We looked into a number of tools and tested them against our source base. The vast majority of them could not handle the size, scope and nature of our applications. Of all the products we tested, Fortify came closest to our technical requirements."
Oracle
"Fortify is one of the largest SAST vendors, with strong innovation as well as execution capabilities. It has expanded its technologies beyond SAST into a broader spectrum of application security disciplines that supplement its core SAST capabilities."
Gartner MQ
"Auditing at the source code level is the best way to protect applications early in the SDL. Fortify SCA will give us the opportunity to fix vulnerabilities before we push out new versions of our applications. In our view, the alternative is a security breach, and that is simply unacceptable."
Mark Crockett, Vice President of Technology and CTO of Informa Investment Scorecard
"Fortify is one of the largest SAST vendors, with strong innovation as well as execution capabilities. It has expanded its technologies beyond SAST into a broader spectrum of application security disciplines that supplement its core SAST capabilities."
Gartner MQ
"We are very pleased with our decision to integrate Fortify products into our source code review and applications security audit processes"
Rick Dakin, QSA and Cofounder of Coalfire
© 2010 Fortify Software Inc., Headquartered in San Mateo, CA USA, (650) 358-5600
eNewsletter Sign Up | Software Security Blog | Contact Us | Privacy